Antlion

Also known as: Antlion


Introduction

Antlion is a Chinese state-backed advanced persistent threat (APT) group that has been targeting financial institutions in Taiwan. This persistent campaign has lasted at least 18 months.

Activities and Tactics

Targeted Sectors: Financial

Country of Origin: 🇨🇳 China

First Seen: 2022

Last Activity: 2022

Suspected Victims: Taiwan

Notable Campaigns

Information pending cataloguing.

Tactics, Techniques, and Procedures (TTPs)

Information pending cataloguing.

Notable Indicators of Compromise (IOCs)

No atomic indicators are listed in this profile. The APTnotes snapshot indexes 1 public report that may contain IOCs; see Source Attribution for dataset links.

Malware and Tools

  • Xpack:
  • JpgRun:
  • EHAGBPSL:
  • NetSessionEnum:

Attribution and Evidence

Country of Origin: China

Additional attribution information pending cataloguing.

References

References pending cataloguing.